Introduction This article is a brief study case of an agile development process implementation in a public sector. Co-authored with: Vanderlei Silva. If you have an empirical process (one that is complex and/or not very well understood) we need to be prepared to fail fast but learn even faster. And in a public sector, of course, it is not an exception. See what UK government says about it. People tend to see government as a deviation from the norm - in some cases it really is, but it is not a rule - and we believe that great part of...…
14 tools for network engineers
Introduction To overcome daily issues, it’s interesting that a network professional know some tools which can increase his productivity and make his work easier. Although some tools - especially ARPSpoof, nmap, TCPTraceroute and AirCrack - can be used in malicious contexts - as to perform reconnaissance and probe for weaknesses in preparation for attacks - they also have value for legitimate purposes. Tools AirCrack – Can reveal who’s using the wireless network and can be used to troubleshoot issues. Also it’s a great tool for discovering nearby wireless networks. ARPSpoof – Hackers use it to send spoofed ARP requests trying...…
Microservices
Introduction Since the explosion of SaaS applications there have been a lot of innovation in the area of APIs which provide an important interaction between application functionalities. The main idea around microservices is that, in general, applications tends to become easier to develop when they are treated as modules. Considering that, each piece is developed separately, being the application a composition of all parts working together. It opposes the traditional development where the application is considered a ‘monolithic’ entity. That way, developers can focus on their own core business while other specialists provide the components needed, which will be accessed...…
Autonomous & Connected vehicles: Information Security concern
Introduction This article presents the risks to which users of autonomous/connected vehicles are subject, concerning the Information Security. It will be shown that it is possible to obtain unauthorized access to the Electronic Control Units of vehicles, pointing the importance of concern for producers, to the extent that this can bring impacts the lives of millions of people. …
Infosec professional role in combating fraud
Introduction Due to the low number of experts and lenient laws, there is a growing realization of digital fraud, occurring in this context fully or partially (pure or mixed virtual crime). Regarding digital crimes: “There is no crime without a previous law to define it. No punishment without prior legal sanction” (Federal Constitution of Brazil, 1988, art. 5, XXXIX). Because of that, it is increasingly necessary the presence and action of a group of professionals that reduces chances of injury to one of the greatest assets of modern corporations: the information. According to a study conducted by the ACFE in...…
2015 Websense's Threat Report
Cybercrime never been so easy. Introduction Will be presented the main points addressed in Threat Report of Websense Security Labs® in 2015. The original file can be found here. Cybercrime just got easier MaaS (Malware-as-a-Service) has established itself as a practice, since even those who do not have in-depth knowledge in the area can have access to technology and cutting-edge tools, including samples of malicious source code, attack service providers and exploit kits. Attacks exhibiting advanced behavior are becoming common, especially in the areas of evasion, to hide intent or identification. Avoid the attribution trap The concern about the attribution...…